Hosting Provided By

Any known exploit for the samba 2.2.2-2.2.6 encrypted password vuln?

From: Neulinger, Nathan <nneul(at)umr.edu>
Date: Wed Jan 08 2003 - 17:33:13 EST

Nathan

Nathan Neulinger                       EMail:  nneul@umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216

-----Original Message-----
From: Dave Ahmad [mailto:da@securityfocus.com] Sent: Wednesday, January 08, 2003 4:02 PM To: Neulinger, Nathan
Subject: Re: Any known exploit for the samba 2.2.2-2.2.6 encrypted password vuln?

Hi Nathan,

Send this message to the INCIDENTS mailing list. The address is incidents@securityfocus.com.

David Mirza Ahmad
Symantec

0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12

On Wed, 8 Jan 2003, Neulinger, Nathan wrote:

> I'm trying to track down how a server got rooted, and running up
against
> dead ends for any remote vulnerabilities.
>
> Only unusual service running on the machine was smb-2.2.4
authenticating
> against an ADS server.
>
> -- Nathan
>
> ------------------------------------------------------------
> Nathan Neulinger EMail: nneul@umr.edu
> University of Missouri - Rolla Phone: (573) 341-4841
> Computing Services Fax: (573) 341-4216
>

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Wed Jan 8 19:20:06 2003

Do you need help?

This message: [ Message body ]
Next message: noconflic: "Re: /sumthin Revisited"
Previous message: Rob Keown: "RE: /sumthin Revisited"
Reply: Andrew Thomas: "RE: DCOM worm analysis report: W32.Blaster.Worm"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:55 EDT